Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/sosdave/Enumeration-as-a-Service
Script for Enumerating SaaS offerings of a specific domain through DNS queries
https://github.com/sosdave/Enumeration-as-a-Service
Last synced: about 2 months ago
JSON representation
Script for Enumerating SaaS offerings of a specific domain through DNS queries
- Host: GitHub
- URL: https://github.com/sosdave/Enumeration-as-a-Service
- Owner: sosdave
- Created: 2018-10-18T13:16:33.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2022-12-07T03:33:15.000Z (about 2 years ago)
- Last Synced: 2024-08-01T03:27:33.936Z (4 months ago)
- Language: Python
- Size: 4.88 KB
- Stars: 27
- Watchers: 0
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-tools - Enumeration-as-a-Service
- Awesome-Asset-Discovery - Enumeration-as-a-Service
README
# Enumeration as a Service
## Description
Enumeration as a Service (eaas.py) in a script that queries the DNS server of a particular domain looking for indications that the domain may be utilizing SaaS offerings. This analysis is performed on TXT, CNAME, A and MX Records. Query results, as well as highlighted results of interest are returned to the user.
## Usage
`./eaas.py `
## To Do
- Add known IP address ranges for lookups for SPF records (currently reliant on DNS)
- Checking for dependencies and prompting for install if not available on current machine
- Add "Verbose Mode" to allow user to decide whether or they want detailed responses
- Summary of findings at the end of the query for easier viewing
- Add any additional SaaS offerings which may have been overlooked (There are likely _many_)## Current Checks
- `google-site-verification` TXT Record [Documentation]
- `google.com` in SPF Record
- `google.com` in MX Record
- `googlemail.com` in MX Record
- A records which have the term `GOOGLE` in the ASN Provider
- CNAME records that point to `lync.com`#### Microsoft
- `MS` TXT record [Documentation](https://support.office.com/en-us/article/gather-the-information-you-need-to-create-office-365-dns-records-77f90d4a-dc7f-4f09-8972-c1b03ea85a67)
- CNAME Record pointing to `outlook`
- `protection.outlook.com` in SPF record
- `protection.outlook.com` in SPF Record
- A records which have the term `MICROSOFT` in the ASN Provider##### DocuSign
- `docusign` TXT Record [Documentation](https://support.docusign.com/en/guides/org-admin-guide-domains)
- `facebook-domain-verification` TXT Record [Documentation](https://developers.facebook.com/docs/sharing/domain-verification/)#### Adobe
- `adobe-sign-verification` TXT Record [Documentation](https://helpx.adobe.com/sign/help/domain_claiming.html)
- `adobe-idp-site-verification` TXT Record [Documentation](https://helpx.adobe.com/ca/enterprise/using/verify-domain-ownership.html)#### Atlassian
- `atlassian-domain-verification` TXT Record [Documentation](https://confluence.atlassian.com/cloud/domain-verification-873871234.html)#### Yandex
- `yandex-verification` TXT Record#### Amazon
- `_amazonses` TXT Record [Documentation](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/dns-txt-records.html)#### LogMeIn
- `logmein-verification-code` TXT Record [Documentation](https://support.logmeininc.com/gotomeeting/help/set-up-domains-g2m710101)#### Citrix
- `citrix-verification-code` TXT Record#### Salesforce / Pardot
- `pardot` TXT Record
- `salesforce.com` in SPF Record#### Zuora
- `zuora` TXT Record#### AirWatch
- A records which have `AirWatch LLC` in ASN Provider
- CNAME records that point to `awmdm.com`#### ProofPoint
- `pphosted.com` in SPF Record
- `pphosted` in MX Record#### Service Now
- `service-now.com` in SPF Record#### NetSuite
- `mailsenders.netsuite.com` in SPF Record#### Marketo
- `mktomail.com` in SPF Record#### MailChimp / Mandrill
- `spf.mandrillapp.com` in SPF Record
- `mcsv.net` in SPF Record#### ZenDesk
- `zendesk.com` in SPF Record#### FreshDesk
- `freshdesk.com` in SPF Record#### ZOHO
- `zoho.com` in MX Record